Openvswitch Installation on Debian

OpenvSwitch is a production quality open source software switch designed to be used as a vswitch in virtualized serverenvironments. A vswitch forwards traffic between different VMs on the same physical host and also forwards traffic between VMs and the physical network. Open vSwitch supports standard management interfaces (e.g. sFlow, NetFlow, IPFIX, RSPAN, CLI), and is open to programmatic extension and control using OpenFlow and the OVSDB management protocol.

The tutorial show installation of Openvswitch on Debian Wheezy. The most recent version of Openvswitch package available in Debian repository is 1.4.2. For this reason we are going to compile and install the latest Openvswitch 2.0.0.

$ sudo apt-cache show openvswitch-switch | grep Version
Version: 1.4.2+git20120612-9.1~deb7u1

During writing of the tutorial I intensively used the following links as references.

Openvswith FAQ:
http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=blob_plain;f=FAQ;hb=HEAD

Building Openvswitch on Linux:
http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=blob_plain;f=INSTALL;hb=HEAD
http://n40lab.wordpress.com/2013/06/15/installing-openvswitch-1-10-on-debian-wheezy/

 1. Install required Debian packages

Install packages to successfully build Openvswitch on Debian.

$ sudo apt-get install build-essential linux-headers-`uname -r` libssl-dev perl python bridge-utils uml-utilities

To compile openvswitch with the ovsdmonitor option, install the following software:

$ sudo apt-get install python-twisted-conch python-simplejson python-zope.interface python-qt4

2. Check if bridge module is loaded

Check if bridge module is loaded.

$ lsmod | grep bridge
bridge 55884 0
stp 12405 1 bridge

If the bridge module is loaded, unload it with the command.

$ sudo rmmod bridge

3. Download the latest Openvswitch

Download and extract the latest Openvswitch tarball.

$ wget http://openvswitch.org/releases/openvswitch-2.0.0.tar.gz

$ tar zxvf openvswitch-2.0.0.tar.gz
$ cd openvswitch-2.0.0/

4. Compile Openvswitch

Compile Openvswitch on Debian and create openvswitch kernel module.

$ ./configure --with-linux=/lib/modules/`uname -r`/build
$ make
$ sudo make install

5. Install and load Openvswitch kernel module

Install openvswitch kernel module that we built in a previous step.

$ sudo make modules_install

Load openvswitch module and check if the module is loaded in Linux kernel.

$ sudo /sbin/modprobe openvswitch

picture1

Picture 1 Checking if Openvswitch  Module is Loaded in the Kernel

6. Initialize the configuration database

Initialize the configuration database using ovsdb-tool.

$ sudo mkdir -p /usr/local/etc/openvswitch
$ sudo ovsdb-tool create /usr/local/etc/openvswitch/conf.db vswitchd/vswitch.ovsschema

7. Start the configuration database

Start configuration database, ovsdb-server.

Before starting ovs-vswitchd itself, we need to start its configuration database, ovsdb-server. Each machine on which Open vSwitch is installed should run its own copy of ovsdb-server.
Configure it to use the database you created during step 6 of installation, above, to listen on a Unix domain socket, to connect to
any managers specified in the database itself, and to use the SSL configuration in the database:

$ sudo ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
--remote=db:Open_vSwitch,Open_vSwitch,manager_options \
--private-key=db:Open_vSwitch,SSL,private_key \
--certificate=db:Open_vSwitch,SSL,certificate \
--bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
--pidfile --detach

Note:  Do not separate lines above as they are parts of the single ovsdb-server command.

9. Initialize database

Initialize the database using ovs-vsctl command. This is only necessary the first time after we create the database with ovsdb-tool (but running it at any time is harmless).

$ sudo /usr/local/bin/ovs-vsctl --no-wait init

10. Start Openvswitch daemon

Start the main Open vSwitch daemon, telling it to connect to the same Unix domain socket:

$ sudo ovs-vswitchd --pidfile --detach

11. Enable IPv4 and IPV6 packets forwarding

We need to enable ipv4 and ipv6 packets forwarding between interfaces. These commands enable ipv4 and ipv6 forwarding on the fly.

$ sudo sysctl -w net.ipv4.ip_forward=1
$ sudo sysctl -w net.ipv6.conf.all.forwarding=1

To enable forwarding at boot, edit /etc/sysctl.conf as root and uncomment the following lines.

net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding=1

12. Startup script

As we do not want to run Openvswitch everytime Debian boots up we do not have to create init script. Instead of it, we will create the Bash script that we will execute manually after Debian boots up. The script starts and initialize database.It also loads the kernel module and starts ovs-vswitchd daemon.

#!/bin/bash

#Load the openvswitch module
sudo /sbin/modprobe openvswitch

#Start openvswitch database
sudo /usr/local/sbin/ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
--remote=db:Open_vSwitch,Open_vSwitch,manager_options \
--private-key=db:Open_vSwitch,SSL,private_key \
--certificate=db:Open_vSwitch,SSL,certificate \
--bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
--pidfile --detach

#Initialize openvswitch database
sudo /usr/local/bin/ovs-vsctl --no-wait init

#Start openvswitch daemon
sudo ovs-vswitchd --pidfile --detach

Assign execute privileges to the script.

$ chmod +x start_openvswitch.sh

13. Openvswitch configuration

Create the bridge br0.

$ sudo ovs-vsctl add-br br0

Check if the bridge br0 has been created.

picture2

Picture 2 Checking Openvswitch Configuration

4 thoughts on “Openvswitch Installation on Debian

  1. hello sir..
    im stuck on step 5 when i type "$ sudo make modules_install" is error message appear, then when i type "lsmod | grep openvswitch" the modules isn't load..
    i install this openvswitch on proxmox that i realized the proxmox is based from debian..

  2. I tried to get latest code from git on Stretch compiled. It worked well.

    When getting from git, you need install libtool and run ./boot.sh

    Otherwise u will get error:

    /usr/local/src/ovs$ autoreconf -if
    configure.ac:43: error: possibly undefined macro: LT_INIT
    If this token and others are legitimate, please use m4_pattern_allow.
    See the Autoconf documentation.

    # apt-get install libtool

    Tested today on Stretch and latest code:

    uname -a
    Linux debian 4.3.0-1-amd64 #1 SMP Debian 4.3.3-7 (2016-01-19) x86_64 GNU/Linux

    git log
    commit 9167fc1ae524e6ef33e706daf38e77af9188d8d2
    Author: Jarno Rajahalme
    Date: Fri Jan 29 17:28:08 2016 -0800

Leave a Reply to suvz Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.